Regarding the three options for declaring the requesting party claims endpoint that we discussed today:

1. Keep static declaration of requesting party claims endpoint in config data document and don't add to AS need_info response to client (status quo)

2. Keep static declaration and ADD to AS response

3. DROP static declaration and ADD to AS response

Would static declarations be the only way to have a pattern of Bob authorizing claim-pushing ahead of time (a la AATs)? That may be a good rationale for keeping them, because they'd give feature parity with original UMA.

And we already identified a rationale (or several) for dynamically adding the endpoint to the AS response.

Does this argue for option 1?